<?php
namespace app\middleware;

class CorsMiddleware
{
    public function handle($request, \Closure $next)
    {
        $response = $next($request);
        $response->header([
            'Access-Control-Allow-Origin' => '*', // 生产环境建议改成指定域名
            'Access-Control-Allow-Methods' => 'GET,POST,PUT,DELETE,OPTIONS',
            'Access-Control-Allow-Headers' => 'Authorization,Content-Type,token',
        ]);
        // 处理预检请求
        if ($request->method() == 'OPTIONS') {
            $response->code(204);
        }
        return $response;
    }
} 